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Foreword 



rd , 



This Technical Specification has been produced by the 3 Generation Partnership Project (3GPP). 

The contents of the present document are subject to continuing work within the TSG and may change following formal 
TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an 
identifying change of release date and an increase in version number as follows: 

Version x.y.z 

where: 

X the first digit: 

1 presented to TSG for information; 

2 presented to TSG for approval; 

3 or greater indicates TSG approved document under change control. 

y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, 
updates, etc. 

z the third digit is incremented when editorial only changes have been incorporated in the document. 



Introduction 



Traditionally a single integrated device with integrated radio access means formed the User Equipment (UE) for access 
to mobile communication services. Now, however, many subscribers possess more than one device for running mobile 
communication services, which may be connected to form a Personal Network (PN). The devices differ in their 
capabilities and these capabilities qualify the devices more or less for specific end-to-end applications or particular 
media like audio, video and pictures. A part of the devices offers own network access means for accessing the PLMN 
via UTRA, WLAN, or other access technologies. The other devices are Terminal Equipments without radio access 
capabilities. 

Personal Network Management (PNM) allows the users to manage their devices and PN's. This TS specifies 
requirements for allowing the users to manage their devices. The considered management functions of Personal 
Network Management comprise the setup and configuration of Personal Networks, the personalization for the 
termination of services within the Personal Network as well as the enabling of secure connections between the Personal 
Network Elements. This includes the management of Personal Area Networks with their local device connections and 
their available radio access means. 

Two different scenarios are distinguished for Personal Network Management: 

1 Personal UE Networks: This addresses the management of multiple UEs belonging to a single PN-User. It 
contains the UE Redirecting application that provides for redirect terminating services to selected UEs and PN 
Access Control that provide for privacy and enable restricted access to a PN. 

2 PNE Networks: This extends the scope of considered managed objects from UEs to physically separated UE 
components and to attached MEs. It does not only extend the PN UE Redirecting application and PN Access 
Control by PAN-specific aspects but addresses the PAN Management with interactions of TEs and MEs. 

These two scenarios are handled separately within the TS as the requirements of Personal UE Networks and PNE 
Networks are focussed on different types of services. Personal UE Networks aim at an easy-to-use UE management 
whereas PNE Networks enable complex scenarios of local networks with alternative network access means. 
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Scope 



The present document describes the service requirements for the Personal Network Management (PNM). Aspects of 
data synchronisation and management of user data are out of scope. 



References 



The following documents contain provisions, which through reference in this text, constitute provisions of the present 
document. 

• References are either specific (identified by date of publication, edition number, version number, etc.) or 
non-specific. 

• For a specific reference, subsequent revisions do not apply. 

• For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including 
a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same 
Release as the present document. 

[I] 3GPP TS 22.004: "General on supplementary services". 
[2] 3GPP TS 22.101: "Service aspects; Service principles". 

[3] 3GPP TS 22.105: "Service aspects; Services and service capabilities". 

[4] 3GPP TR 22.944: "Report on service requirements for UE functionality split". 

[6] Void 

[7] 3GPP TS 23. 101 : "General Universal Mobile Telecommunications System (UMTS) architecture". 

[8] 3GPP TS 22.082: "Call Forwarding (CF) supplementary services". 

[9] 3GPP TS 22.228: "Service requirements for the Internet Protocol (IP) multimedia core network 

subsystem".. 

[10] 3GPP TS 23.228: "IP Multimedia Subsystem (IMS)". 

[II] 3GPP TS 23.279: "Combining Circuit Switched (CS) and IP Multimedia Subsystem (IMS) 
services". 

[12] 3GPP TR 21.905: "Vocabulary for 3GPP Specifications". 



3 Definitions, symbols and abbreviations 

3.1 Definitions 

For the purposes of the present document, the terms and definitions given in TR 21.905 [12] and the following apply. A 
term defined in the present document takes precedence over the definition of the same term, if any, in TR 2 1 .905 [ 12] . 

Personal Network: A Personal Network (PN), in the context of Personal Network Management, consists of more than 
one Personal Network Element under the control of one PN-User providing access to the serving PLMNs. There shall 
be at least one Personal Network Element with a USIM subscription in a PN. Authentication of the user for each PLMN 
access is based on the USIM(s) of the PN. The Personal Network Elements are managed in a way that the user 
perceives a continuous secure connection regardless of their relative locations. The Personal Network Elements 
belonging to the PN-User' s PN maybe registered to different PLMNs at a time. The PN-User controls the PN using 
facilities provided by the Personal Network Management (PNM). 
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Personal Network Element: A Personal Network Element (PNE) is the basic component making up a PN-User's 
Personal Network. A Personal Network Element is handled as a single entity in PNM but physically it may be either a 
single device or a group of devices. The Personal Network Element may be a TE, MT, ME or even a complete UE. 

Personal Area Network: A Personal Area Network (PAN) is a local network of the PN-User. In the context of 
Personal Network Management, the PAN consists of at least one UE and may additionally comprise a number of 
MEs/MTs, with own radio access means that allow them to directly access the PLMN of the UE. The UE and locally 
connected additional MEs/MTs are the PNEs of the PAN. Alternatively the UE components, i.e TEs and MT, may be 
handled as separate PNEs. The UE contains the single active USIM of the PAN. 

PNE Identifier: The PNE Identifier uniquely identifies each PNE of a PN within the PN. The PNE Identifier of MTs 
and MEs is the IMEI. Other PNEs have PNM-specific identifiers that are allocated for enabling PNM functions. 

PN-User: For the purpose of Personal Network Management the PN-User is the person who owns the Personal 
Network Elements with respective subscriptions at one service provider. 

Registration: In the context of Personal Network Management registration is the procedure by which a particular entity 
is either added to the Personal Network or to the Personal Area Network. Entities are physically separated devices or 
groups of devices. The entity stays registered till deregistration of the entity is performed. The status of registration to a 
Personal Network or Personal Area Network is not affected by the status of registration/attachment to the PLMN. 

Configuration: In the context of Personal Network Management Configuration contains the procedure by which a PN- 
User can configure the PN settings for the PN UE and the PN Access Control applications. 

Interrogation: In the context of Personal Network Management Interrogation is the procedure by which a PN-User can 
interrogate the PN settings which are configured by the PN-User before. 

For further definitions see [12]. 

3.2 Abbreviations 

For the purposes of the present document, the following abbreviations given in TR 21.905 [12] and the following apply. 
An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, 
in TR 21.905 [12]. 

PNM Personal Network Management 

PN Personal Network 

PAN Personal Area Network 

PNE Personal Network Element 



4 Personal UE networks 

4.1 General description 

Personal UE Network features enable the management of multiple UEs belonging to a single PN-User. In particular, 
customer needs who own more than one terminal and subscription are addressed, e.g. ordinary handset for telephony, 
car phone, PDA for emails when on the move, data card with laptop for work when in semi-stationary mode. Although 
those devices are mainly held for a particular usage, many are able to support more than one sort of services, e.g. 
telephony is supported by all but the data card. Personal UE Networks are not aware of the presence of other PNEs 
belonging to a user. 

Functionality enabled by Personal UE Networks comprises PN UE redirection and PN Access Control. 

Registration, configuration and interrogation procedures for PNM are supported via IMS capable PN UEs, via a web 
client or by administrative procedures. 
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4.2 PN UE Redirecting application 



Customers may not carry always their full set of "gadgets", but still want to be reachable. Currently management of all 
the terminals for the PN-User by setting forwarding options, switch on and off terminals, providing partners with 
multiple addresses is not very customer friendly. 




Fig 1 : UEs managed by PN e.g. UE Redirecting application 

4.2.1 Requirements for PN UE redirecting application 

PNM shall be provided to a subscription upon customers request via administrative procedures. 

PNM shall be withdrawn upon customer request or for administrative reasons via administrative procedures. 

The PN-Users shall be able to register and deregister UEs to their PN. 

Successful registration shall add the UE as new Personal Network Element to the Personal Network. The 
information on the UE and the public user identities belonging to the UE shall be written to the service profile in 
the network. A deregistration procedure shall be performed to remove a registered UE from the Personal 
Network. 

Each UE shall only be registered in one PN and the network shall reject the registration request of a UE that is 
already registered in another PN. 

The PN-Users shall be able to "activate" a certain UE of their PN as the default UE for terminating services 
addressed to any of the UEs belonging to the PN. Activation shall be possible 

On a global level for all services supported by the UE capabilities and subscription 

On a per service basis for selected services supported by the UE capabilities and subscription 

On a per service component basis for the different media of a supported service (in line with [9]) 

The PN-Users shall be able to configure priorities of a UEs list with priority for terminating a specific service. 

Note: the priority may be based on parameters such as time, device capability and PN-User choice. 
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The PN-User shall be able to interrogate the PNM network database for the current PN-User settings of their 
own PN. 

The registration and configuration procedures shall include a validation and update of identities and capabilities 
associated with the UE. For this reason, registration and activation of a UE shall only be done for UEs that are 
currently attached/registered to the network. The UE shall either send an registration/activation request to the 
network or the network shall "invite" the UE based on a request received from another UE belonging to the PN. 
Registration and activation may be also provided via administrative procedures. 

The UE or the network shall deny activation as default UE for terminating a particular service or service 
component, in case the UE does not provide the capability or the subscription to terminate the service. 

Deactivation and deregistration should not always require the involvement of the UE affected by the setting. 
However the network shall only process deactivation and deregistration requests from UEs belonging to the 
same PN. 

A UE performing activations shall have the capability to perform the deactivations for these settings. 

For terminating services without an activated UE, the services shall not be redirected but shall be terminated by 
the addressed target UE. Information shall be offered to the PN-User when the only active device for terminating 
a service is deactivated. 

In case more than one device is activated for a terminating service, e.g. IMS devices with the same Public User 
Identity, the service should be directed to all devices that are currently reachable for the network (PS attached or 
IMS registered). It shall be possible to make the PN-User aware on charging implications caused by activation of 
more than one UE for directing of the same service. 

If activations are configured for one or more media types of a service then the overall service directing setting 
shall be overwritten for directing these service components. 

Directing media of a service to different devices should be up to the choice and responsibility of the PN-User. 
For instance, in case of synchronized media the redirection to different devices may result in a loss of 
synchronization. 

A new activation overrides the previous activation status when successful. 

Deregistration of active UEs shall comprise the global deactivation of the UEs. 

It shall be possible to allow two sets of activation settings. One set is always present and contains the default 
configuration. On a temporary basis, a second set of activation settings is configured. The temporary activations 
shall provide a means for saving and restoring current activation settings. While temporary activations are 
switched on, these settings shall override the non-temporary configuration. 

The network shall assume that the non-temporary settings are still valid after fallback from temporary to non- 
temporary activation settings. For this reason, it shall be possible for the UE to access and change temporary as 
well as non-temporary settings. 

If capabilities or subscriptions of an active UE change and activated services are no longer supported by the UE, 
e.g. TEs providing these capabilities are removed, then the UE shall deactivate the affected services and offer 
appropriate information to the user and the PN service. 

It shall be possible for a UE to offer capability lists to the PNM service, where the capability list contains the 
capabilities that the UE is capable of terminating or is interested in receiving updates regarding them. 

- It shall be possible for UEs of the PN to update PN configuration after an attachment/registration of the UE to 
the network. 

PNM settings may comprise current UE capabilities and redirection settings of a PN. The PNM service shall 
update the PNM settings to the UEs, selectively based on their respective capability lists, when other UE 
capabilities of the PN change. 

Means shall be provided to enable redirection to a particular UE for dealing with situations where UEs share the 
same Public User Identity. 
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Terminating services shall only be redirected if the redirection does not cause systematic misbehaviour of user 
devices or the network (e.g. SMS is one service where redirection shall not be applied if any over-the-air 
management of the target UE would be prevented.) 

The PNM service shall interwork with CS-Domain call forwarding [8] and IMS session redirecting [9] in a way 
that no collisions of contradicting redirections occur in the network and the redirection of data remains 
transparent for the user. The considered interworking scenarios shall include the redirection of IP Multimedia 
sessions caused by any of the listed events or conditions [9]. 

The UE Redirecting application shall be applicable to terminating services in the CS-domain, PS-domain, and 
IMS subsystem. 

Originating services shall not be affected by the default settings. 

The services that are made available for redirection shall be consistent with existing service identifiers, e.g. IMS 
communication service identifier [10], or service grouping, e.g. basic service groups [1]. 

Redirection of terminating services and service media shall be done for only public user identities and addresses 
belonging to a UE of the PN. 

The PN-User shall be able to exclude specific public user identities and addresses of the PN from data 
redirection. 

Note: In the above requirements, registration means the registration of UE and of its public identities to the PN. 
The registration procedures of the UE to the PLMN remain unaffected. 

4.2.2 Usability requirements forPN UE redirection application 

The following PNM procedures shall be at least available via one of the UEs belonging to the actual PN of the PN-User 
and shall be realized in a user friendly and secure manner: 

Registration of a UE 

Deregistration of a UE 

Activation of a UE for a specific service or service component 

Global activation of a UE for all services, as far as supported 

Setting up of capability lists as requested by a user 

Interrogation of PNM database 

4.2.3 Security for PN UE redirection application 

Registration of UEs to a PN shall require the consent of the subscriber by appropriate means, e.g. an "invite" 
function, preventing intended/unintended access by unauthorized UEs. 

4.2.4 Charging for PN UE redirection application 

All charges for terminating services shall be levied to the "active" UEs, even when originally addressed to 
another UE belonging to the PN. 

It shall be possible to raise registration/deregistration and activation/deactivation fees. 

4.2.5 Interaction with supplementary services 

For terminating services invocation of Supplementary Services applicable to the active UE shall take precedence 
over invocation of Supplementary Service applicable to the called UE. 

There is no impact on the registration, erasure, activation, deactivation of Supplementary Services. 
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4.3 PN access control 

Private networks may consist of UEs which are only privately accessed, that is each UE may be accessed only by 
other UEs of the PN. The PN-User may additionally modify the access levels of each UE of the PN to be public 
or private. 

In order to allow external UEs or Guest UEs to access these UEs, the PNM provides access control procedures. 
The PNM shall provide registration and authentication mechanisms for guest device access. 

Note 1 : Authentication refers to verifying the registration status of a certain guest UE by the PNM. 

Note 2: It is assumed that guest UE access to a UE in a PN is routed via the PLMN Network. In particular control 
of access to a UE via local interfaces is outside the scope of this specification. 

4.3.1 Requirements for PN access control 

The PN-User may register up to <n> UEs to be private to the PN, whereby public access to these devices may be 
restricted. 

The PN-User is able to register up to <m> UE public identities not owned by him as registered callers that are 
allowed to initiate sessions with the private UEs of the PN, and these UEs containing these registered public 
identities are referred to as Guest UEs. 

The PN-User may nominate a UE as the default UE for access control. This UE shall have the access rights to 
register/deregister private UEs and guest UEs. 

The registration of Guest UE may be performed by the default UE for access control and enabled dynamically 
(querying during session initiation procedures using public identity of caller) or statically (using PN specific 
database) by PNM procedures. 

In case the user has another UE in the PN as the default UE for redirection, then the querying shall be directed to 
the default UE for redirection. 

4.3.2 Usability requirements for PN access control 

- Registration of a Guest UE 

Deregistration of a Guest UE 

PN access level settings for a particular UE of the PN to be public / private 

PN Access control settings are stored at PNM database, for a particular Guest UE e.g unlimited access of PN by 
close friends, limited access by acquaintances. 

Note: In the above requirements, public identity may be substituted in place of UE. Example, either a public 
identity or a UE may be registered into a PN. 

4.3.3 Security for PN access control 

PN access control settings refer to the PN-User providing different access control settings of his PN for different 
Guest UEs / Public Identity. 

4.3.4 Charging for PN access control 

Note: Currently no additional charging issues have been identified, but this topic may be studied further. 
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PNE networks 



5.1 General description 

PNE Networks enable functions for the management and direct accessibility of the physically separated components of 

a UE, i.e. TEs and MEs.. 

PNE Network functions comprise the management and communication of these PNEs within a PN as well as the 
extension of the PN UE Redirecting application and the PN access control function to include the redirection to UE and 
PAN components. 




Fig 2: Devices addressed by PAN lUlanagement 



5.2 Personal area network management 

Service requirements cover the management of UE(s), as well as UE components and TE(s), ME(s) or MT(s) and 
belonging to the same PAN(s) (see Figure 2). 

A UE including a USIM, can comprise physically separated TEs and can also have connections with other MTs or MEs 
(e.g., a PDA, music player, laptop, camera, headset, etc.). The devices are connected through short-range wired or 
wireless connections (when they are in close proximity) and form a small network, called a PAN (Personal Area 
Network). The owner of the PNE that holds the USIM controls the PAN. 

PNEs of a PAN without / not requiring a USIM, may have the need to access services provided by the PLMN or to 
communicate with another entity through the PLMN. In this case PNEs must be authenticated and authorized by using 
the USIM associated with the PLMN (i.e., a single USIM authority shall be shared by all the PNEs of the PAN that 
access services provided by the PLMN). 

For managing a PAN means are required to identify a particular PNE within a PAN. The PNE identifiers enable 
connections between selected PNEs and directing of terminating services to a particular PNE. 
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Thus PNM identifiers are divided into subscriber identities and PNE identities. 3GPP private subscriber identifiers are 
the unique IMSI and the unique IMS Private User Identies stored in USIM and ISIM. The subscriber identities are used, 
for example, for registration, authorization, administration, and accounting purposes in the network. The PNE 
Identifiers are used to identify devices within a PN and may be used, for example, for blacklist and Device Management 
purposes. When the PNE is a ME, the IMEI should be reused as PNE identifier unless for security reasons or other 
reasons this is not feasible. In contrast to MEs the PNE identifiers of TEs are PNM-specific and have little network 
security relevance as TE have no own radio access means. 

Annex A.3 shows two use cases where users access a PLMN from their PANs. 

The PN shall support the combination and separation of PANs. 

5.2.1 Personal area network requirements 

- The PN-User shall be able to control which PNEs (i.e. TEs, MTs and MEs) are part of a PAN via MMI 
procedures. 

A user may set-up more than one PAN within a PN. 

The PN-User shall be able to register and deregister PNEs that can be used in a PAN. 

The PN-User shall be able to activate and deactivate the PNEs registered to a PAN. 

A PAN uses exactly one active USIM for authentication. Hence a PAN contains exactly one 3GPP UE. 

In case of only one ME within the PAN the PAN reduces to a 3GPP UE and shall behave as such. 

- The PNE Identifier of MEs shall be the IMEI. For TEs it shall be possible to allocate PNM-specific PNE 
identifiers. 

Note: Cases occur in practice where IMEIs are duplicated for misuse. Resulting potential security threats should 
be considered when adding functionality that requires a secure PNE identifier. 

PNM-specific PNE Identifiers should only be required for PNM-internal purposes but should be harmonized 
with other optional device identifiers (i.e. Personal ME Identifier in CSI [11]). 

PNM-specific PNE Identifiers shall not be used for routing purposes in the network except PN-internal 
forwarding to a particular PNE within a PAN. 

PNE Identifiers shall be unique within a PN. Procedures are needed to avoid that PNEs of one PN have the same 
PNE Identifier. 

It shall not be necessary to store PNE Identifiers in TEs. Instead PNE identities should be managed by a PAN 
device responsible for processing PAN Management functions. 

It shall be possible to simultaneously access a PLMN via multiple access systems. For example, the user might 
use PNEl for data services (internet access) together with PNE2 on a PLMN for a speech call. 

The PN shall support the combination of two or more PANs into one PAN when they are in close proximity. In 
this case a UE shall be designated for the new PAN. Other UEs who participate in the combination shall be 
deactivated and hence act as MEs in the new PAN. 

The PN shall support the separation of PAN under specific conditions. In case that there is no active UE among 
the separated devices, a ME with a USIM shall be designated and activated as UE for the new PAN. 

The PN shall be able to update registration information of PNEs that participate in the combination or separation 
of PANs. 
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Figure 34: Connections between IVIEs and TEs 

5.2.2 Usability requirements of personal area network management 

The following PAN Management procedures shall be supported by PAN in a user friendly and secure manner: 
Authentication and authorization of PNEs in a PAN 

- Registration of PNEs in a PAN 
Deregistration of PNEs in a PAN 

- Activation of PNEs in a PAN 

- Deactivation of PNEs in a PAN 
Management of PNE identities within a PAN 

Registration update of PNEs in a PAN 
Combination management of PAN 
Separation management of PAN 
Capability announcement of PNEs in a PAN 

5.2.3 Security 

In order to maintain security between a PAN and a PLMN, MTs or MEs providing direct connectivity must be 
authenticated and authorized when they get attached to the network and start using/accessing 3GPP services. For 
authentication and authorization, existing security mechanisms, which are based on USIMs , shall be used. 

For improved security, the MT or ME may use suitable trusted computing technologies. 



5.2.3.1 



General 



A secured interface between the UE holding the (U)SIM and other PNE's in the PAN is required. This "local 
interface" must be able to protect against eavesdropping, and undetected modification attacks on security-related 
signalling data (e.g. authentication challenges and responses). Cryptographic or physical means may be used for 
this purpose. 

Both endpoints of the local interface shall be mutually authenticated and authorized. 

The ME/MT without (U)SIM shall be capable of communicating with the U(SIM) only if the UE containing 
(U)SIM is switched on and a (U)SIM is powered on. Furthermore the ME/MT without (U)SIM shall not be 
allowed to change the status of the UE with active (U)SIM, or the remote (U)SIM, e.g. to reset it, or to switch its 
power on or off. 
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The ME/MT without the (U)SIM shall be capable of detecting the presence and availability of the active (U)SIM 
on the UE containing it. It also has the ability to terminate an authenticated network sessions when, the (U)SIM 
is no longer accessible within a short monitoring time period. 

The user shall have the capability to shut off sharing of (U)SIM feature. The owner of the UE holding the active 
(U)SIM should authorize its use. 

Integrity and privacy of signalling between ME/MTs and the PLMN shall be supported. No leakage of (U)SIM 
information to the user, or any third party over the wireless interface (e.g. Bluetooth/WLAN). 

Whenever someone (a specific device) tries to remotely access a (U)SIM for the first time some sort of alert shall 
be sent, e.g. a message will be displayed informing the user of the access. The user can then decide whether the 
access is authorized and can allow or disallow it. 

- The UE holding the (U)SIM should be responsible for mediating access to the (U)SIM Application/Data such as 
controlling the logical channels. 

UICC presence detection shall be supported via the local interface. 

When the (U)SIM is re-used over local interfaces, additional access control on the Applications/Data information 
shall be implemented by the UE holding the active (U)SIM compared to the case when it is accessed by the UE 
holding the (U)SIM directly. For example, some AT commands might have to be restricted. 

5.2.3.2 PNE management requirements 

- Default Settings 

The default settings of any PNE coming from the manufacturer should always be set to "Do Not Auto Connect" 
or "Do Not Make Discoverable". 

The user must be aware that they are allowing their PNE to "be seen" by other devices. 

Connection Confirmation 

A PNE shall only accept a connection from another PNE after receiving a confirmation from the user indicating 
willingness to accept such a connection (i.e. there should be no "auto-accept" feature on the PNE). 

The requesting PNE should represent itself via its Unique Identifier. 

5.2.4 Charging 

If any charges are made for the provision of PNM these should be levied to the active subscription of the PAN. 



5.3 PNE redirecting application 



The Personal Network may comprise more than one UE or PAN. Each entity belonging to a Personal Network is 
generally termed as a PNE. The PNE may be a single device or a group of devices. The Personal Network from a user's 
perspective is his own network. Any of his PNEs may connect to each other, whereby the user may restrict public 
access via means provided by PNM. Personal Network Elements may not have public user IDs (E.g. MSISDN or URI), 
and therefore "other" users are not able to directly address data to these TEs. 

The PNE Redirecting application is based on the PN UE Redirecting Service. In contrast to the PN UE Redirecting 
Service the PNE Redirecting application shall not only allow to activate/deactivate UEs but is able to direct data to 
particular TEs of the UEs or to connected MEs. Thus a PNE is not limited to UEs and it is possible to handle particular 
components within a UE or PAN as PNE. 

Annex <A.1> shows a use case describing aspects of PNE-PNE connection. 

5.3.1 Requirements for PNE redirecting application 

All PN UE Redirecting requirements shall apply to the PNE Redirecting Service with PNE substituting UE. 
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Registration data in the network shall include information that determines the PAN or UE a registered PNE 
belongs to. Furthermore registration data shall comprise the public user identities of the UEs and PANs in the 
Personal Network. 

It shall not be possible to register PNEs that are neither part of a UE or registered component of a PAN. 

5.3.2 Usability requirements 

All usability requirements of the PN UE Redirecting application shall apply to the PNE Redirecting Service. 

5.3.3 Security 

Registration of PNEs to a PN shall require the consent of the subscriber by appropriate means, e.g. an "invite" 
function, 

Advanced PNM shall ensure the integrity and confidentiality of between PNEs in a Personal Network. 

The PNE shall be authenticated towards the PLMN based on a locally connected USIM. Only authorised and 
suitably authenticated PNEs should be able to use a locally connected USIM for network authentication 
purposes. 

5.3.4 Cinarging 

All charges for terminating services shall be levied to the active subscription of the PAN where the activated 
PNE belongs to, even when a terminating service was originally addressed to another PNE belonging to the PN. 

It shall be possible to raise registration/deregistration and activation/deactivation fees. 

5.4 PN access control for PNE networks 

Guest UEs may be provided access to PNEs of a PN. 

5.4.1 Requirements for PN access control for PNE networks 

All Service requirements for PN Access Control for Personal UE networks shall also apply to the PNE networks. 

5.4.2 Usability requirements for PN access control in PNE networks 

PN access level settings for a particular PNE of the PN to be public / private 
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Annex A (informative): 
Use cases 

A.1 Use case: Connection between PNEs of a PN 

PNM allows the communication between a PNE and PNEs of other UEs/PANs belonging to the same PN. For this 
purpose it shall be possible to establish a secure link between the PNEs of a PN. This is enabled by establishing secure 
links among locally connected devices of a PAN. In the example in figure 4 the PNEs have established a secure link. 
Through this secure link, a user is able to gain access from the ME in UEl to the TE in UE2 at home and monitor the 
heating or burglar alarm system while away from home, therefore enabling the ME to be the active PNE for termination 
of the alarm service remotely. Figure 5 explains the secure PNE-PNE communications. 

The TE in UE2 has an own PNE Identifier that allows the ME in UEl to identify and to directly communicate with the 
TE. 



* USIM 

Subscription 

,_^ Secure 
Connection 




Figure 4: Use case for connection between thie devices of a PN 



ETSI 



3GPP TS 22.259 version 10.0.0 Release 10 



18 



ETSI TS 122 259 VI 0.0.0 (2011-05) 



PNE Identity 



Secure Connection 




Figure 5: Connection between the PNEs 



A.2 Use case of UE-PN connection 

Personal UE Networks security requirements state that registration of a PNE to a PN requires the consent of the owner 
of the USIM associated with the PLMN. The description here concerns access of a Personal Network by a PNE external 
to that Personal Network. In the case of user A wishing to allow PNE B to register into his PN as a Guest UE, the user 
controls access to his PN, in other words PNM protects the privacy of A's PN. For example in figure 6, PNE B (ME) 
may only be allowed to access TE Al and this is controlled by the user, and enabled by procedures. PNE B may access 
A's PN by appropriate means, e.g. an "invite function". 




y^ Subscription 

Secure 
Connection 



EPNE B 



Figure 6: Use case for UE-PN connection 
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A.2a PN Access control: Parental control 

Alice has subscribed to PNM private network service. She has two UEs with her in the PN - UE la and UE lb. She 
decides to give UE lb to her son Bob. Bob is still a young kid and Alice worries about him getting calls from strangers. 
So she registers her UE (UE la) as default UE for access control. She then creates an access list that contains a list of 
registered callers (Guest UEs). Any calls from the registered callers (e.g. UE 3) or Guests are allowed to go through to 
the private UE (Bob's UE) directly. In case of unregistered callers (e.g. UE 2), the PN AS rejects the call directly or the 
PN Server queries Alice (UE la) whether the call can be continued. Alice can respond by allowing or disallowing 
(cancelling) the call. In addition, she may register the unregistered caller dynamically (on the fly) during session 
initiation procedures itself. 
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"W USIM Subscription 
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unregistered) 



( 




Unregistered caller / 
Guest UE (UE 2) 
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Default UE for access 
control (UE 1 a) 
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Figure 16: Use case for PN Access Control 



A.3 Use case of PN-User access a PLMN from their 
PNEs 

Figure 7 shows a use case where a user terminates a video service with a PNEs, which is part of a PAN of the PN-User. 
In this use case the user has multiple PNEs. It is assumed that the required PNE can communicate with the PNE 
containing the USIM through PAN internal communication means when they are in close proximity. After 
authentication of the PNEs by the PLMN through the PNE holding the (U)SIM, the user can access the video service. 
The PNM has the capability to manage the UE components as a user's PAN. It shall have a binding table between the 
PNE holding the (U)SIMand the other PAN PNEs which includes their identities and addresses. 

Figure 8 shows a use case where a user utilizes a video service through PNEs that have their own network access means 
and thus a direct access means to a PNM. PNEs attached to a UE don't have their own USIM and may or may not have 
their own access means. The PNE holding the (U)SIM can authenticate these other PNEs to the PLMN when these 
PNEsare in close proximity to the UE. After authentication of the PNEs, the user can access the video service directly 
via the attached PNEs, with no help from the PNE holding the (U)SIM. Again, the PNM of a PLMN has the capability 
to manage more than one PNE under a PAN. As long as the PNEs are connected to the PNE holding the U(SIM) it shall 
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be possible to keep the data communication channels through established access network means of the MEs themselves. 
If an PNE disassociates from the PNE holding the U(SIM), the data communication channels of the PAN PNE should 
be terminated immediately. 

Figure 9 shows a use case where a user receives a video service through PNEs which are directly connected to another 
access system (i.e, External IP network with a commercial relationship with the PNM service provider). When many 
packets (e.g. for a higher resolution or frame rate) are sent to a user for Video Service, the user may want to receive 
them directly through a more suitable PNE and access system. If the specific PNE has its own network connection, not 
via UE, the user can request the PNM to get a new data path via its own network connection e.g. Internet. In this case, 
the specific PNE must be authenticated and authorized by using the PNE holding the (USIM) (i.e., a single USIM 
authority is shared by all the PNEs of the PAN) and the session is controlled by UE. The user can receive the video 
service through the PNE after the PNM establishes a new data path via the external IP network for Video Service. If the 
user wants to disconnect the new data path, which is already connected to a PNE, he/she can also request the release of 
new data path through PNM. The new data path of the PNE will be terminated immediately. 
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Figure 7: Single network connection 

through PNE holding the (U)SIM of 

PAN 



Figure 8: Multiple network connections 
through 3GPP access systems 



Video Service 



PLMN \ 
(e.g. CS. PS) 





New User Data 
User Data 
Control Data 



Figure 9: Multiple network connections through other access system 

Note: If the access system is a non-3GPP network, there must be a commercial relationship between the 
HPLMN and the non-3GPP access system. 



A.4 Use case for connection between guest UE and PN 

The Guest UE is registered into the PN after authentication mechanisms. This use case describes an example where the 
Guest UE belongs to a different service provider. Once registered into the PN, the Guest UE is allowed to access the 
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PN, based on access control procedures set by the PN user for the particular Guest UE. For example, in fig 10 given 
below, the Guest UE is allowed to access the video service that the PN of the PNE holding the (U)SIM offers. That is 
the Guest UE is chosen for the termination of the specific service of video that the PN offers. The PNM facilitates this 
by secure authentication, registration and routing of the Guest UE. 
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Figure 10: Guest UE registered in PN 



A.5 Use case on UE redirection of terminating services 

A user owns two phones, a PDA, and a notebook. All devices have radio access means to the 3GPP System. Phones and 
PDA support UTRAN. The notebook allows access via WLAN. The user has subscribed the PNM PN UE redirection 
and registered all devices in the Personal Network. 

In a possible scenario the user is on an airport and must wait for a delayed plane. The user carries the notebook and one 
of the phones with her/him. The other two devices are left at home. Usually the user does not use the notebook for 
accessing 3GPP services. However, an Interworked WLAN access network may exist at the airport. Via the WLAN 
hotspot the user is able to establish a connection to the PLMN. To shorten the waiting time the user wants to utilize the 
WLAN hotspot for enjoying subscribed 3GPP multimedia services via the notebook. The services are configured for the 
termination at PDA and phones. The user needs a convenient solution to enable a temporary termination of the services 
with the notebook in order to benefit from the available advanced multimedia processing capabilities of the notebook 
and the high speed data access. Depending on the services the user would have to reconfigure either the services or the 
devices. In case of device reconfiguration a forwarding function would have to be set up at the phones and the PDA for 
directing services to the notebook. This is not only inconvenient but currently not feasible for the user as a part of the 
devices is left at home. Furthermore different redirecting settings would be required for CS and IMS. In praxis the 
complicated manual handling would hamper the flexible use of the available devices. Instead the user wants to switch 
on the notebook and press a button to activate the notebook for the service termination either temporarily or 
permanently. Depending on the user preferences the user interface may also offer to activate a specific subscribed 
service, like a multimedia news service. Beside of the minimized manual interaction the handling would be more 
natural. When the user wants to do something with a particular device the user does not expect the necessity to 
configure other entities. After finishing the usage of the multimedia services the user presses the deactivation button to 
stop a temporary activation. In non-temporary cases the activations are changed by activating one or more other devices 
at a later point in time. For instance, back at home the user may prefer to use the PDA for receiving the multimedia 
news. After switch-on the user simply presses the activation software button on the PDA to either receive the news 
exclusively or simultaneously on the PDA. 
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Figure 11 : Activation of UE 2 for directing service termination to UE 2 



A.6 Use case on PNE redirection of terminating services 

An advanced user does not only possess a number of different devices with 3GPP access for various purposes like a 
multimedia phone with advanced camera and music capabilities, a car phone with car specific features, or a smart phone 
with messaging and internet. The advanced user is interested in local connectivity between these devices and with other 
owned devices like a PDA and notebook. For instance, a user may be on a business tour with the car. The car has an in- 
built car phone. The user wants to utilize the 3GPP access of the car phone in order to terminate network services with 
the notebook. For this purpose the user sets up a local network between notebook and car phone. In this scenario the car 
phone provides the MT capabilities and the notebook acts as TE of the UE. With the PN UE redirection the user would 
only be able to redirect terminating services to the car UE. The TE device would not be known and visible to the PLMN 
routing. The user would have to configure the local network to achieve the proper forwarding and processing within the 
local network. Instead of complicated manual settings the user wants a simple natural method as provided by the PN UE 
Redirecting application. The user starts the notebook. Automatically the car phone is detected and a local connection 
with the car phone is established. Afterwards the user presses a software button for terminating all or selected services 
on the notebook. This should work independently of the radio access means available for the access to the 3GPP 
system. For example the notebook may have own radio access means. After activation of the notebook for service 
termination the radio access means do not matter. Independent of the radio access technology and possibly simultaneous 
connections to the 3GPP system the chosen services are always directed to the notebook. 
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Figure 12: Activating a particular device of a UE or PAN for service termination 



A.7 Use case: Selective update based on capability lists 

Alice has a home PAN or UE where her video device (sink) has been registered as a PNE at the PNM. AHce is traveling 
to her office, and has registered her UE to the PN. For all video services she has chosen her video device as the 
terminating device, where it can be recorded for future viewing. She has also requested the PN service to update her on 
PN settings based on the service she is interested in (video devices, audio devices, printing devices, other services). For 
some reason, her video device (TE) becomes unavailable (Eg: power goes down or switched off by somebody else or 
network down. etc). The home PAN or UE deactivates this video device (TE) and makes the PN service aware of this 
deactivation. The PN service then lets Alice know of this event based on the capability list she has chosen. 

As an effect, Alice after receiving this update may change her video terminating settings to her own UE. 



A. 8 Use case: Combination of two PANs 

Figure 13 and Figure 14 describe the PNM functionality on combination of two PANs. When PANl and PAN2 are 
physically close to each other, the user may hope to combine them into one PAN and designate UEl as the new PAN's 
UE. The PNM needs to deactivate UE2 and update relative registration information (binding tables and addresses) of 
UEl and PNEs in PAN2. The PNEs in PAN2 (ME2 and TE2) may keep or change the original network positions, i.e. 
the connection to UE2 or UEl (described as case 1 and case 2). After the combination UE2 and ME2 need to be 
authorized through UEl to get access for any new service, and then they can access those services directly. 
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Figure 13: Combination of two PANs (case 1) 
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Figure 14: Combination of two PANs (case 2) 
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A.9 Use case: Separation of PAN 

Figure 15 describes the PNM functionality on separation of PAN. It's very likely to happen that some devices in a PAN 
move far away and almost out of control, or even they are not so far away but the user wants to separate them into two 
PANs. In this use case the user want to separate ME2, TE2 and ME3 from the PAN and to form a new PAN (PAN2). 
The PNM shall designate a UE for PAN2, i.e. activate a ME (ME3) who contains a USIM. The PN shall update 
registration information of ME3 (UE2), ME2, TE2 and UEl due to the changes of network positions. And the PNEs in 
PAN2 including UE2 need to get authorized through the USIM on UE2 for new services provided by PLMN. 
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Figure 15: Separation of PAN 
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